> The error
> ts=2024-09-15T17:58:49.480Z caller=coordinator.go:118 level=error
component=configuration msg="Loadion file failed"
file=/etc/alertmanager/alertmanager.yml err="yaml: unmarshal errors:\n
line 7: field tls_config not found in type config.plain"
It's saying that you cannot put "tls_config" as a top-level key in
Prometheus config. Since the config file is invalid, it cannot run.
As I said before, if you need to use tls_config then it has to be under the
E-mail receiver.
receivers:
- name: send_email
email_configs:
- to: [email protected] <https://groups.google.com/>
from: [email protected] <https://groups.google.com/>
smarthost: smtp.zoho.com:587
auth_username: [email protected] <https://groups.google.com/>
auth_password: passss
require_tls: true
tls_config:
... blah
You don't need to repeat the smarthost / auth_username / auth_password /
require_tls if you've set them globally.
But unfortunately you *do* need to put a separate "tls_config" section
under every email receiver.
> tls_config:
> cert_file: /home/chinelo/alertmanager.crt
> key_file: /home/chinelo/alertmanager.key
That means you want to authenticate to your SMTP server using a TLS client
certificate. I note that if I connect to it, it says it only supports
password authentication (LOGIN and PLAIN):
% openssl s_client -connect smtp.zoho.com:587 -starttls smtp
...
ehlo wombat
250-mx.zohomail.com Hello wombat (x.x.x.x (x.x.x.x))
250-AUTH LOGIN PLAIN
250 SIZE 32505856
I believe the normal way to do TLS client authentication would be with the
SASL "EXTERNAL" mechanism. But since you are already providing an
auth_username and auth_password, I don't think you'll need to provide a TLS
certificate as well. (In which case, maybe you don't need a tls_config
section at all).
However, that's all detail around your particular SMTP server, and maybe it
works in a weird way.
On Sunday 15 September 2024 at 19:08:28 UTC+1 Chinelo Ufondu wrote:
> This is what i did
> global:
> smtp_smarthost: smtp.zoho.com:587
> smtp_from: [email protected]
> smtp_auth_username: '[email protected]'
> smtp_auth_password: passs
>
> smtp_require_tls: true
> tls_config:
> cert_file: /home/chinelo/alertmanager.crt
> key_file: /home/chinelo/alertmanager.key
> receivers:
> - name: send_email
> email_configs:
> - to: [email protected]
> from: [email protected]
> smarthost: smtp.zoho.com:587
> auth_username: [email protected]
> auth_password: passss
>
> require_tls: true
> - name: send_email2
> email_configs:
> - to: [email protected]
> from: [email protected]
> smarthost: smtp.zoho.com:587
> auth_username: [email protected]
> auth_password: passss
>
> require_tls: true
> route:
> receiver: send_email
> routes:
> - receiver: send_email2
> inhibit_rules:
> - source_match:
> severity: critical
> target_match:
> severity: warning
> equal:
> - alertname
> - dev
> - instance
>
> The error
> ts=2024-09-15T17:58:49.480Z caller=coordinator.go:118 level=error
> component=configuration msg="Loadion file failed"
> file=/etc/alertmanager/alertmanager.yml err="yaml: unmarshal errors:\n
> line 7: field tls_config not found in type config.plain"
>
> Sep 15 17:58:49 localhost alertmanager[2767706]:
> ts=2024-09-15T17:58:49.480Z
> On Sun, 15 Sept 2024 at 18:46, 'Brian Candler' via Prometheus Users <
> [email protected]> wrote:
>
>> Show what you did, and what the error was, and then maybe we can help you.
>>
>> There are some global settings that cover common use cases:
>>
>> https://prometheus.io/docs/alerting/latest/configuration/#file-layout-and-global-settings
>>
>> However, if you need more control (e.g. for client certificate auth or
>> accepting self-signed certificates from the E-mail server) you'll need to
>> use tls_config under the email receiver definition:
>> https://prometheus.io/docs/alerting/latest/configuration/#email_config
>> https://prometheus.io/docs/alerting/latest/configuration/#tls_config
>>
>> On Sunday 15 September 2024 at 16:48:16 UTC+1 Chinelo Ufondu wrote:
>>
>>> Hello all!!
>>>
>>> I am currently trying to configure TLS in my alert manager configuration
>>> file to enable it authenticate to my smtp host, I have tried various
>>> options from the documentation and forums , but all to no avail. I would
>>> appreciate if I am being assisted with this blocker.
>>>
>> --
>>
> You received this message because you are subscribed to the Google Groups
>> "Prometheus Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/prometheus-users/a1d49d1e-7761-4897-9c43-72d54ce3278fn%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/prometheus-users/a1d49d1e-7761-4897-9c43-72d54ce3278fn%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>
--
You received this message because you are subscribed to the Google Groups
"Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/prometheus-users/36e0a5de-4851-4048-9d65-17bb4ae7c2d0n%40googlegroups.com.
